05-23-2008 04:48 PM - edited 03-10-2019 04:07 AM
I have clients running Exchange Server 2003. More than one of them are plagued by (presumably) scripted attempts to log in to their SMTP server, using a long list of common American names.
Please forgive what is undoubtedly a basic question--but can the IPS features in the Cisco PIX 501 be used to fend off an attack like this? And if so, can you point me in the right direction for configuring this feature?
Thanks much,
Zac Mutrux
05-26-2008 11:20 AM
Zac,
unfortunately,the ids feature in pix is not advanced enough to locate such attacks.
I would suggest aip-ssm module in asa's or a dedicated ids/ips box to take care of millions of attacks and vulnerabilities ot there.
Regards,
Sushil
Cisco TAC.
05-26-2008 11:43 AM
Well that's too bad, but thanks for your reply just the same.
Zac
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide